<?php
include_once('config/db_conn.php');
include_once('db_config/db_user.php');
$user=new user();
			
// Show all errors except the notice ones
error_reporting(E_ALL ^ E_NOTICE);

header('Cache-control: private'); // IE 6 FIX

if($_POST['action'] == 'forgot_pass')
{
	$post_email = $_POST['email'];
	// check user
	$rs_user=$user->uniq_user_list('user_primary_email',$post_email);
	$data_user=mysql_fetch_array($rs_user);
	if($data_user){
		$newpass = rand(999,99999).rand(111,8888);
		$user->dataUpdate('ninerr_user',array('user_password'=>$newpass), array('user_id'=>$data_user[user_id]));
		
		$to_mail=$data_user['user_primary_email'];
		$from_mail = SITE_MAIL;
		$from_name = SITE_NAME;
		$subject ="Your Password on ".SITE_NAME." has been changed";

		$body = "Your new  password for the ".SITE_NAME."\r\n";
		$body.= "Username: ".$data_user[user_name]."\r\n";
		$body.= "New password: ".$newpass."\r\n\r\n";
		$body.= "You can now login on ".SITE_URL."\r\n";
		$body.= "This mail is sent to you because You are subscribed to ".SITE_NAME."\r\n";

		$headers  = "MIME-Version: 1.0\r\n";
		$headers .= "Content-type: text/html; charset=iso-8859-1\r\n";
		$headers.="To: ".$to_mail."\r\n";
		$headers.="From: ".$from_name." <".$from_mail.">\r\n";

		@mail($to_mail, $subject, nl2br($body), $headers);
		$auth_error = '<div style="color:blue;">Your password has been sent.</div>';
		echo $auth_error;

	}
	else{
		$auth_error = '<div id="notification_error"><strong>Sorry, no such user exists.</strong></div>';
		echo $auth_error;
	}
}
?>